Security outside the box

Summary:In my previous post, I observed that disruptive Web services standardization will create many consolidations and mergers within the IT industry. Simultaneously, new markets are also springing up.

In my previous post, I observed that disruptive Web services standardization will create many consolidations and mergers within the IT industry. Simultaneously, new markets are also springing up.

A biggie is IT security, which, of course, has given us heartburn for years. Now, Web services threatens to really keep us up at nights. A loosely coupled enterprise is inherently full of gaps and differing layers of requesters and responders. Vendors and standards bodies are working overtime to assuage fears, and OASIS' WS-Security protocols address many types of security tokens and formats.

However, no one can, or should handle this alone. As Yankee Group points out in a Line56 report, a whole new industry is springing up around Web services and SOA security. "The Web services vision involves software and devices that can connect to each other globally which, while convenient for IT and business users alike, represents a massive security challenge."

Yankee Group says these concerns will fuel a $4 billion market for managed security services by 2008 that will exist to allay the fears of vulnerabilties in loosely coupled enterprises. However, 90% of this market will be outsourced, much of it overseas.

An interesting phenomenon, if companies decide their IT security is something that can be farmed out. Security is very much a control issue, and something they prefer to hold close to the vest. It remains to be seen if Web services and SOA take our thinking that far outside the box.

Joe McKendrick is an author and independent analyst who tracks the impact of information technology on management and markets. Joe is co-author, along with 16 leading industry leaders and thinkers, of the SOA Manifesto, which outlines the values and guiding principles of service orientation. He speaks frequently on cloud, SOA, data, and...
Full Bio

Disclosure

Joe McKendrick is an independent consultant, editor and speaker. Joe has performed project work (white papers, articles, blogs, research and presentations) for the following companies in the IT marketspace: CBS Interactive/CNET/ZDNet (this blog) ebizQ Evans Data Gartner IBM Informatica IDC Microsoft Systinet/HP Teradata Unisphere Reseach, a division of Information Today, Inc. WebLayers Joe has also performed research work for the following sponsoring organizations in partnership with Unisphere Research, a division of Information Today, Inc. IBM Luminex Noetix Oracle Corp. Teradata Informatica International Oracle Users Group Oracle Applications Users Group Professional Association for SQL Server International DB2 Users Group International Sybase Users Group SHARE (IBM large systems users group)